Download raw body.
Remove net.inet6.ip6.auto_flowlabel knob.
On Mon, Sep 15, 2025 at 04:45:02PM +0200, Florian Obser wrote:
> There is no reason not to do flowlabels.
>
> OK?
OK bluhm@
> diff --git lib/libc/sys/sysctl.2 lib/libc/sys/sysctl.2
> index b4a34f2748c..412ead4fa01 100644
> --- lib/libc/sys/sysctl.2
> +++ lib/libc/sys/sysctl.2
> @@ -1842,7 +1842,6 @@ The currently defined protocols and names are:
> .It icmp6 Ta nd6_mmaxtries Ta integer Ta yes
> .It icmp6 Ta nd6_umaxtries Ta integer Ta yes
> .It icmp6 Ta redirtimeout Ta integer Ta yes
> -.It ip6 Ta auto_flowlabel Ta integer Ta yes
> .It ip6 Ta dad_count Ta integer Ta yes
> .It ip6 Ta dad_pending Ta integer Ta yes
> .It ip6 Ta defmcasthlim Ta integer Ta yes
> @@ -1919,11 +1918,6 @@ constant in IPv6 neighbor discovery specification
> The variable specifies the lifetime of routing entries generated by
> incoming ICMPv6 redirects.
> .Pp
> -.It Li ip6.auto_flowlabel Pq Va net.inet6.ip6.auto_flowlabel
> -On connected transport protocol packets,
> -fill the IPv6 flowlabel field to help intermediate routers identify
> -packet flows.
> -.Pp
> .It Li ip6.dad_count Pq Va net.inet6.ip6.dad_count
> This variable configures the number of IPv6 DAD
> .Pq duplicated address detection
> diff --git sys/netinet6/in6.h sys/netinet6/in6.h
> index a6826e8756e..21d387e8167 100644
> --- sys/netinet6/in6.h
> +++ sys/netinet6/in6.h
> @@ -619,7 +619,7 @@ ifatoia6(struct ifaddr *ifa)
> { 0, 0 }, \
> { "hdrnestlimit", CTLTYPE_INT }, \
> { "dad_count", CTLTYPE_INT }, \
> - { "auto_flowlabel", CTLTYPE_INT }, \
> + { 0, 0 }, \
> { "defmcasthlim", CTLTYPE_INT }, \
> { 0, 0 }, \
> { 0, 0 }, \
> diff --git sys/netinet6/in6_pcb.c sys/netinet6/in6_pcb.c
> index a23203bf274..5577eba12e6 100644
> --- sys/netinet6/in6_pcb.c
> +++ sys/netinet6/in6_pcb.c
> @@ -334,10 +334,8 @@ in6_pcbconnect(struct inpcb *inp, struct mbuf *nam)
> mtx_leave(&table->inpt_mtx);
>
> inp->inp_flowinfo &= ~IPV6_FLOWLABEL_MASK;
> - if (atomic_load_int(&ip6_auto_flowlabel)) {
> - inp->inp_flowinfo |=
> - (htonl(ip6_randomflowlabel()) & IPV6_FLOWLABEL_MASK);
> - }
> + inp->inp_flowinfo |=
> + (htonl(ip6_randomflowlabel()) & IPV6_FLOWLABEL_MASK);
> #if NSTOEPLITZ > 0
> inp->inp_flowid = stoeplitz_ip6port(&inp->inp_faddr6,
> &inp->inp_laddr6, inp->inp_fport, inp->inp_lport);
> @@ -730,10 +728,8 @@ in6_pcbset_addr(struct inpcb *inp, const struct sockaddr_in6 *fsin6,
> mtx_leave(&table->inpt_mtx);
>
> inp->inp_flowinfo &= ~IPV6_FLOWLABEL_MASK;
> - if (atomic_load_int(&ip6_auto_flowlabel)) {
> - inp->inp_flowinfo |=
> - (htonl(ip6_randomflowlabel()) & IPV6_FLOWLABEL_MASK);
> - }
> + inp->inp_flowinfo |=
> + (htonl(ip6_randomflowlabel()) & IPV6_FLOWLABEL_MASK);
> #if NSTOEPLITZ > 0
> inp->inp_flowid = stoeplitz_ip6port(&inp->inp_faddr6,
> &inp->inp_laddr6, inp->inp_fport, inp->inp_lport);
> diff --git sys/netinet6/in6_proto.c sys/netinet6/in6_proto.c
> index 1f13bba4191..1e74ef6b401 100644
> --- sys/netinet6/in6_proto.c
> +++ sys/netinet6/in6_proto.c
> @@ -360,7 +360,6 @@ int ip6_maxfrags = 200; /* [a] */
> int ip6_hdrnestlimit = 10; /* [a] appropriate? */
> int ip6_dad_count = 1; /* [a] DupAddrDetectionTransmits */
> int ip6_dad_pending; /* number of currently running DADs */
> -int ip6_auto_flowlabel = 1; /* [a] */
> int ip6_mcast_pmtu = 0; /* [a] enable pMTU discovery for multicast? */
> int ip6_neighborgcthresh = 2048; /* [a] Threshold # of NDP entries for GC */
> int ip6_maxdynroutes = 4096; /* [a] Max # of routes created via redirect */
> diff --git sys/netinet6/ip6_input.c sys/netinet6/ip6_input.c
> index 37680d7fe52..4de688e4690 100644
> --- sys/netinet6/ip6_input.c
> +++ sys/netinet6/ip6_input.c
> @@ -1449,7 +1449,6 @@ const struct sysctl_bounded_args ipv6ctl_vars[] = {
> { IPV6CTL_MAXFRAGPACKETS, &ip6_maxfragpackets, 0, 1000 },
> { IPV6CTL_HDRNESTLIMIT, &ip6_hdrnestlimit, 0, 100 },
> { IPV6CTL_DAD_COUNT, &ip6_dad_count, 0, 10 },
> - { IPV6CTL_AUTO_FLOWLABEL, &ip6_auto_flowlabel, 0, 1 },
> { IPV6CTL_DEFMCASTHLIM, &ip6_defmcasthlim, 0, 255 },
> { IPV6CTL_MAXFRAGS, &ip6_maxfrags, 0, 1000 },
> { IPV6CTL_MFORWARDING, &ip6_mforwarding, 0, 1 },
> diff --git sys/netinet6/ip6_var.h sys/netinet6/ip6_var.h
> index 37f733dfd7d..075be22d3c5 100644
> --- sys/netinet6/ip6_var.h
> +++ sys/netinet6/ip6_var.h
> @@ -293,8 +293,6 @@ extern int ip6_hdrnestlimit; /* upper limit of # of extension headers */
> extern int ip6_dad_count; /* DupAddrDetectionTransmits */
> extern int ip6_dad_pending; /* number of currently running DADs */
>
> -extern int ip6_auto_flowlabel;
> -
> extern const struct pr_usrreqs rip6_usrreqs;
>
> struct inpcb;
>
> --
> In my defence, I have been left unsupervised.
Remove net.inet6.ip6.auto_flowlabel knob.